rpm package
opensuse/python-markdown2&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/python-markdown2&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-26813 | — | < 2.4.0-2.4 | 2.4.0-2.4 | Mar 3, 2021 | markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time. | ||
| CVE-2018-5773 | — | < 2.4.0-2.4 | 2.4.0-2.4 | Jan 18, 2018 | An issue was discovered in markdown2 (aka python-markdown2) through 2.3.5. The safe_mode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the |
- CVE-2021-26813Mar 3, 2021affected < 2.4.0-2.4fixed 2.4.0-2.4
markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time.
- CVE-2018-5773Jan 18, 2018affected < 2.4.0-2.4fixed 2.4.0-2.4
An issue was discovered in markdown2 (aka python-markdown2) through 2.3.5. The safe_mode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the